On Mon, 30 Jan 2006 15:27:11 +0100, Zoran Milic wrote You really DON'T want to do that. You only THINK you do. ;) Seriously, though, why would you want to try and bypass your own best hope of password security? N.

I think the limitation may be on the client side for that. Usually, username/password authentication is done using a www_challenge response (which uses md5 hashes to send data so it's not wholly insecure). Since this is being done, all your Radius server will get is likely to be md5'd passwords. I'm not sure it could be done without rewriting SOMEthing. At the very least, you'd have to rewrite the auth_radius module to handle something other than a digest response. N. On Mon, 30 Jan 2006 16:05:20 +0100, Zoran Milic wrote > I have a custom made RADIUS server, which doesn't use md5, and I'm > not keen on writing md5 hashig funcions. Beside, my RADIUS server is > in the same room as the SER server so I am not afraid of sniffing or > something. Has anybody tried it with out MD5? (that is, if there is > a way to do so.) > > Zoran > > On Monday 30 January 2006 15:30, sip wrote: > > On Mon, 30 Jan 2006 15:27:11 +0100, Zoran Milic wrote > > > > > Hi, > > > Is it possible to use radius WITHOUT MD5 hashing? Instead, I wish > > > to send user and pass as plain text. > > > > You really DON'T want to do that. You only THINK you do. ;) > > > > Seriously, though, why would you want to try and bypass your own best > > hope of password security? > > > > N. > > _______________________________________________ > Serusers mailing list > serusers(a)lists.iptel.org > http://lists.iptel.org/mailman/listinfo/serusers